Hi,
We are deploying two new gateways and Mgmt servers running R80.20 and the policy is heavily reliant on IA.
We have two Identity Collectors (80.87.0000 - recently upgraded from 80.85.0000) running on Windows 2016 servers.
We have about 15 users behind the gateways testing the policy and are running into problems where users randomly stop being authenticated and therefore the policy drops the connection. To get them working again we run the ‘pdp control revoke_ip’ command.
In addition to the above, we have another user who has all the required access and being accepted by the policy and then starts getting dropped the by the policy. I have found an event in the logs that immediately precedes the dropped connections, which is: Authentication Status: Access Roles updated
As with the other issue, running pdp control revoke_ip gets them working again.
Have any of you come across these issues before? And, if so, what was the fix?
We will be putting 1500+ users behind these gateways, so you can imagine the potential problems we'll face if these issues are not fixed.
I am in contact with CP TAC and have uploaded multiple pdp and pep debugs, but still don't have a fix and I wanted to see if anyone else had some advice.
Many thanks
Alex